I've created a NextJS application (app router 14.0.1) configured with NextAuth. I created a custom provider to use MedPlum as the authorization server. Reference: https://www.medplum.com/docs/api/oauth/authorize https://next-auth.js.org/configuration/initialization#route-handlers-app I have debugging turned on and can log in to the NextJS application. In the [OAUTH_CALLBACK_RESPONSE], I can see the profile, account, and OAuthProfile objects (JSON). Shouldn't I be able to take the access_token (token_type=Bearer) and call the UserInfo using Postman/RapidAPI? Reference: https://www.medplum.com/docs/api/oauth/userinfo When I do, I get the following response. { "sub": "bunch-of-numbers-go-here" } I was expecting something like this: HTTP/1.1 200 OK Content-Type: application/json;charset=UTF-8 { "sub": "248289761001", "name": "Jane Doe", "given_name": "Jane", "family_name": "Doe", "preferred_username": "j.doe", "email": "janedoe@example.com" } Output from request from RapidAPI: url: https://api.medplum.com/oauth2/userinfo GET /oauth2/userinfo HTTP/1.1 Authorization: Bearer Host: api.medplum.com Connection: close User-Agent: RapidAPI/4.2.0 (Macintosh; OS X/14.0.0) GCDHTTPRequest

Hi @.werm - this response depends on the scopes you used to authorize https://www.medplum.com/docs/api/oauth/authorize#scope-required

Dang, sorry to waste your time! I had removed those to help streamline testing; with those additional scopes added in the config, it's an extra click during the login process. The results are correct, or what I would have expected!